<?php
error_reporting(E_ERROR|E_PARSE);
session_start();
if($_SESSION["islogin"]!=='igiveyouthepower'){
echo "<script language=JavaScript>\r\n";
echo "alert('请先登录!');\r\n";
echo "location.href='../index.php'\r\n";
echo "</script>";
}else{
require_once('../config.php');
$conn = mysqli_connect($cfg_dbhost,$cfg_dbuser,$cfg_dbpwd,$cfg_dbname);

function trimd($str){
$str=str_replace("'","''",$str);
return trim($str);
}

$proid=$_REQUEST["id"];
$lang=$_REQUEST["lang"];
$proname=trimd($_POST["proname"]);
$skucode=$_POST["skucode"];
$price=$_POST["price"];
$saleprice=$_POST["saleprice"];
$coin=$_POST["coin"];
$px=$_POST["px"];
$code=$_POST["code"];
$kucun=$_POST["kucun"];
$weight=$_POST["weight"];
$bname=$_POST["bname"];
$fromurl=trimd($_POST["fromurl"]);
$sketch=trimd($_POST["sketch"]);
$keywords=trimd($_POST["keywords"]);
$content=trimd($_POST["content"]);
$bttname=$_POST["bttname"];
$user_name=$_SESSION["managername"];
$ndate=date("Y-m-d",time());
if($proname==''){
echo "<script language=JavaScript>\r\n";
echo "alert('产品名不能为空!');\r\n";
echo "location.href='products_add.php'\r\n";
echo "</script>";
}else{
$sql = "update ph_".$lang." set proname='".$proname."',price='".$price."',coin='".$coin."',code='".$code."',content='".$content."',skucode='".$skucode."',bname='".$bname."',saleprice='".$saleprice."',keywords='".$keywords."',fromurl='".$fromurl."',sketch='".$sketch."',weight='".$weight."',kucun='".$kucun."',btname='".$bttname."',isedit='yes' where id='".$proid."'";
mysqli_query($conn,$sql);
//$proid=mysql_insert_id();
//É¾³ýÍ¼
//mysqli_query($conn,"delete from ph_img where id in(select imgid from ph_proimg where proid='".$proid."')");
//É¾³ý±äÌå
mysqli_query($conn,"delete from ph_proimg where proid='".$proid."'");
mysqli_query($conn,"delete from ph_shuxing where proid='".$proid."'");
//²åÈëÖ÷Í¼
$proimg=$_POST["proimg"];
for($i=0;$i<count($proimg);$i++){
mysqli_query($conn,"INSERT INTO ph_img(imgpath,px)VALUES('".$proimg[$i]."','".$px[$i]."');");
$imginid=mysqli_insert_id($conn);
mysqli_query($conn,"INSERT INTO ph_proimg(imgid,proid,px)VALUES('".$imginid."','".$proid."','".$px[$i]."');");
}
//²åÈë±äÌå
$btname=$_POST["btname"];
$btprice=$_POST["btprice"];
$btsaleprice=$_POST["btsaleprice"];
$btkucun=$_POST["btkucun"];
$upc=$_POST["upc"];
$imgid=$_POST["imgid"];
for($r=0;$r<count($btname);$r++){
//echo $btname[$r];
mysqli_query($conn,"INSERT INTO ph_shuxing(cname,proid,price,saleprice,kucun,skucode)VALUES('".$btname[$r]."','".$proid."','".$btprice[$r]."','".$btsaleprice[$r]."','".$btkucun[$r]."','".$upc[$r]."');");
$btid=mysqli_insert_id($conn);
$btimg=$_POST["btimg".$imgid[$r]];
for($t=0;$t<count($btimg);$t++){
//echo $btimg[$t]."</br>";
mysqli_query($conn,"INSERT INTO ph_img(imgpath)VALUES('".$btimg[$t]."');");
$imgbtid=mysqli_insert_id($conn);
mysqli_query($conn,"INSERT INTO ph_proimg(imgid,proid,btid)VALUES('".$imgbtid."','".$proid."','".$btid."');");
}
}
echo "<script language=JavaScript>\r\n";
//echo "alert('ÐÂÔö³É¹¦!');\r\n";
echo "location.href='". $_SERVER["HTTP_REFERER"]."'\r\n";
echo "</script>";
}}
?>